9 Answers
9

Well, it depends on what method the attacker is using to crack passwords. If they are using dictionary attacks, certainly this will be very safe. After that, the attacker can try pure brute-forcing, and those methods usually try all shorter passwords before longer ones. So against common automated attacks like these, you are probably pretty safe.

As mentioned, it might be a little awkward to type in a password like this around people, since it's easy to "read" from your keystrokes. However, it wouldn't be that hard to modify these simple passwords to be a little more complicated to make them harder to read.

That all depends on how smart the dictionary is. Dictionary attacks use common transmutations and attempts to make dictionary cracks fail on an otherwise dictionary pattern. If someone wrote this algorithm into a dictionary attack, it would only buy about 26*25 times the effort. That isn't all that much more if the pattern is tested against.
– AJ Henderson Nov 13 '12 at 21:16

2

While words like these are not in the English language dictionary (or other languages), these dictionaries are only a starting point for developing a password dictionary. Start by grabbing every online dictionary you can; add slang, typos, misspellings, etc. Add things like qwerty (for every known keyboard layout), common passwords (trustno1, etc.). Then you apply simple transforms to each word (e->3, o->0, etc. - Crack is 20+ years). A simple word like 'cat' can yield several hundred passwords to check. Now you have a dictionary.
– pgs Nov 15 '12 at 1:17

No, for the simple reason that anyone sitting next to you while you type it will be able to notice that your password is simply a long repetition of a single character, ending with a number. It will make the challenge of guessing your password a pretty trivial task.

Rule of thumb 1: if it is easy to remember, then it is easy to guess for the attacker. (It does not work in the other direction: some passwords are easy to guess and still fiendishly difficult to remember.)

Rule of thumb 2: if the password looks witty in some way, then it is a bad password. Wit is bad. For good passwords, you need randomness.

Imagine that you are describing a method for a bunch of users who need to choose their passwords; some sort of policy, which is, by definition, public (thus known to the attacker). Your policy would go like this: "choose one letter, repeat it between 15 and 30 times, then add one digit". How many possible passwords can such a process yield? 4160. That's 26 (for the choice of letter) times 16 (an integer in the 15..30 range) times 10 (for the final digit). Therefore, an attacker will be able to recover the password with at most 4160 tries, and an average of 2080. That's pitifully low; about 12 bits of entropy.

Length is not strength. A password is not secure by virtue of being long. A password is secure by virtue of having lots of possible values. You need a password generation process which could produce a bazillion different passwords, with uniform probability, so that the attacker cannot guess which one you actually obtained; then, the best the attacker can do is to try them all (in any order), which will succeed after an average of a half-bazillion tries. The uniform probability is very important here, and it disqualifies choosing your password with your fleshy brain alone. The password length must be sufficient for the bazillion to be huge, but that's indirect. It is not the length which makes the password strong; it is rather that a very short password cannot be strong. But once you reach 13 or 14 characters, then you have all the length you need to accommodate a ludicrous number of possible passwords.

If the attacker does not suspect your strategy, your example has higher entropy than most "usual" passwords.

However, it would be easier to memorize and type if you had multiple simple words, and it would also be less prone to being defeated by an attack that specially scans for your initial idea (for example, if it ever becomes a fashion).

It explains why high entropy is not the answer when it comes to passwords. You can make a very secure password that is still easy to remember by doing a couple of things. Start with an easy to remember password, such as $0DA (soda, but with some easy substitutions), then add some padding. This could be as simple as adding some periods before and after, but it's recommended you choose a more unique padding scheme, such as <->. Add this a few times before and after so that your final password looks something like this: <-><->$0DA<-><->

According to the calculator found on the above mentioned site, this password, under a massive cracking scenario of one hundred trillion guesses per second, would take 8.52 hundred thousand centuries to guess.

What @Polynomial said. Also, this answer is just plain wrong.
– AviD♦ Nov 14 '12 at 10:19

Interesting. I hadn't heard he was not reputable. I am just getting started in this area and the explanation provided made sense. I don't understand how this method would not create a strong password.
– Jon G Nov 14 '12 at 20:06

@AviD Can you elaborate on the wrongness? Is it the assertion that entropy is not the answer, or the use of pads on easy-to-remember password roots?
– schroeder Nov 14 '12 at 20:36

2

@schroeder a few aspects: high entropy is important, but not necessarily entropy-per-character - in other words, a long, uppercase only passphrase can provide more total entropy than a short complex password (cue xkcd and correct horses). Also many password crackers are familiar with the common substitutions and prefix/suffix schemes. And of course, as soon as you come up with a Brand New Shooper Sheekret Shcheme, eventually the tools will support that one too (as per Kerckhoffs's law). And that password is still not easy to remember and type correctly.
– AviD♦ Nov 15 '12 at 8:51

Using a brute force - this is absolutely secure. No one will reach 25 chars in the next 2 years as Jeff pointed out in his comment.

A brute force attack may as well first try all passwords of 1-100 characters consisting of the same letter, then all passwords of 1-100 characters consisting of permutations of two different letters, etc. This password will be found within a few hundred tries.

Using dictionary attacks - also no way (it was stated previously).

But the problem can arise not only if someone was close to you and was able to see your password, but also from the mere fact of the way the password was generated. Just by knowing that you are repeating a lot in your password, the entropy becomes smaller.
You can read more here.

When I need to come up with a strong password, I use the following technique. Take a big text (I like South Park, so here is an example):

I'm going down to South Park
gonna have myself a time.
Friendly faces everywhere
humble folks without temptation.
Goin' down to South Park
gonna leave my woes behind.

And let's take each first letter and change it a little bit; for example, each g will be substituted with the length of the word it begins. So you will come up with a password like:

I5dtSP5hmat.Ffehfwt. .... So we come up with a nice 20-character password with high entropy which is easy to remember and impossible to get (if you have a nice imagination and are a fan of literature).

Because it consists of easily remembered words, and if I am standing next to you and see I'm going down to South it will take me a second to remember and a little bit to check for different continuations, while if you accidentally saw me writing I5dtSP I highly doubt you will remember it in a few seconds and I am sure you will never come up with a continuation. Also a password with the length of 120 sounds quite unrealistic.
– Salvador Dali Nov 13 '12 at 21:19

2

The simple password is not secure against a brute force attack. You incorrectly assume that a brute force attack will always first try all permutations of 1 character passwords in the character set, then permutations of 2 characters etc. However a brute force attack may as well first try all passwords of 1-100 characters consisting of the same letter, then all passwords of 1-100 characters consisting of permutations of two different letters, etc. This password will be found within a few hundred tries.
– Jeff Nov 13 '12 at 21:50

Basically you are right, I have changed it. I was not precise in this case. But the whole idea is still that this type of password is not strong and it is better to use something with higher entropy.
– Salvador Dali Nov 13 '12 at 21:53

The way we calculate the strength of any password is this: Take the number of possibilities for a character times the number of characters. So, a 4 digit PIN is 10^4 = 10,000, and an 8-character lower case password is 26^8 = 208,827,064,576.

This extends to non-characters as well. For example, a password made up of 4 unrelated words from a list of 1000 most common words would have 1000^4 = 10^12 possibilities.

Now, with respect to your proposed method of a repeated character, we must ask what information is actually carried in 25 w's? In other words, what is the minimum amount of room we could convey that information in? It would seem there are two pieces. First, the character, and second, the number of repetitions. Meaning that a w repeated 25 times only has 26 * 25 = 650 possibilities. Granted, that is the worst case, where the attacker knows the character type and stops at the correct length, but I feel that is reasonable as they would likely work up to that length starting at 1.

I really like this password tester. It shows your password has about 15 bits of entropy. Compared to just wg9, which has about 18 bits.

The take away is that while a long repeated string does add some entropy to your password, it adds less than just adding another (different) character would add. If you are willing and able to use long passwords, use a passphrase instead.
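The two ways of counting that this answer and the earlier "No, for the simple reason..." answer contrast, written out as a small script. This is an added example, not code from either answer or from the password tester the answer links to: `naive_space` is the "possibilities per character to the power of the length" count from the answer above, `policy_space` is the earlier answer's public-policy count (26 letters times 16 repetition counts times 10 digits, 4160), and `pattern_space` is the count an attacker who knows the repeat-a-letter pattern and walks the lengths up from 1 needs (the 26 * 25 reasoning above, times 10 when a digit is appended). The function names, the 33-symbol class size and the regular expression are my own choices.

```python
"""Added example: estimate password strength from the generation process
rather than from the length. Not code from any answer on this page."""
import math
import re
from typing import Optional

# Printable-ASCII character classes (33 for the symbol class is my choice).
LOWER, UPPER, DIGITS, SYMBOLS = 26, 26, 10, 33


def naive_space(password: str) -> int:
    """'possibilities per character ** number of characters', the formula the
    answer above uses. A class counts as soon as one of its members appears."""
    charset = 0
    if re.search(r"[a-z]", password):
        charset += LOWER
    if re.search(r"[A-Z]", password):
        charset += UPPER
    if re.search(r"[0-9]", password):
        charset += DIGITS
    if re.search(r"[^A-Za-z0-9]", password):
        charset += SYMBOLS
    return charset ** len(password)


def policy_space(letters: int = 26, min_reps: int = 15, max_reps: int = 30,
                 digits: int = 10) -> int:
    """Passwords a *public* policy can produce: 'pick one letter, repeat it
    between min_reps and max_reps times, add one digit' -> 26 * 16 * 10."""
    return letters * (max_reps - min_reps + 1) * digits


def pattern_space(password: str) -> Optional[int]:
    """Candidates an attacker who knows the repeat-a-letter pattern and walks
    the lengths up from 1 must try for this password: letters * repetitions,
    times 10 if a digit is appended. None when the password is not of that
    shape, so the caller falls back to the naive count."""
    m = re.fullmatch(r"([A-Za-z])\1*(\d?)", password)
    if m is None:
        return None
    letters = LOWER if m.group(1).islower() else UPPER
    reps = len(password) - len(m.group(2))
    return letters * reps * (DIGITS if m.group(2) else 1)


def bits(space: int) -> float:
    """Entropy in bits of a password drawn uniformly from `space` candidates."""
    return math.log2(space)


def assess(password: str) -> dict:
    """Naive estimate next to the pattern-aware one; the smaller space is the
    one that matters, because the attacker runs the cheapest attack that fits."""
    naive = naive_space(password)
    pattern = pattern_space(password)
    effective = naive if pattern is None else min(naive, pattern)
    return {
        "password": password,
        "naive_bits": round(bits(naive), 1),
        "pattern_bits": None if pattern is None else round(bits(pattern), 1),
        "effective_bits": round(bits(effective), 1),
        "average_guesses": effective / 2,
    }


if __name__ == "__main__":
    print(f"policy '15-30 repeats + digit': {policy_space()} passwords, "
          f"{bits(policy_space()):.1f} bits")
    for pw in ["w" * 25 + "9", "wg9", "correcthorsebatterystaple"]:
        print(assess(pw))
```

Under this model the 26-character `wwww...w9` comes out at about 12.7 bits (6500 candidates, 3250 guesses on average) while the naive count credits it with 26 * log2(36) bits, and the three-character `wg9` sits at about 15.5 bits by the naive count with no pattern shortcut; the absolute numbers differ from the linked tester's 15 and 18 bits because its scoring rules differ, but the ordering is the answer's point: the repeated run adds less than one more unrelated character would.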

From a theory standpoint, no, it isn't more secure because it lacks randomness. From a practical standpoint, with some slight changes it is pretty good. When your password lacks randomness, you always run the risk that someone could write code that could rapidly find your password. For example, it would be easy enough to alter a popular dictionary attack to try appending strings of letters of various lengths and now you are just looking at 26*26*words in dictionary to attack the password. That is much Much MUCH smaller than 36 to the 26th power (which would be the difficulty with true entropy.)

That said, from a practical standpoint, if you were to put a password at the end of that which was normally too short to provide sufficient entropy, but was still resistant to dictionary attacks, you would make guessing your password practically much harder as long as they don't see you entering it. If someone who could observe you wanted to break your password via brute force however, you would only be marginally more secure than whatever the entropy of the password you put at the end of it is.

In terms of general attack scenarios though, most brute force attacks are run against large sets of passwords to try to find the low hanging fruit. Your approach would likely protect you against these kinds of general attacks, but not all that much more than adding probably 3 or 4 random letters, numbers or symbols to the end of your password, which is not that much harder to remember and far easier to type. (That 3 to 4 is based on the fact that in pure entropy terms, it is only 26*26 or so, which is the equivalent of 2 more random letters. I'm giving it more entropy than that in my approximation based on likelihood of an attacker to use that pattern, which is purely a guess.)